Joe Biden: Executive Order
Kristian Willmott Head of Marketing

The Growing Sophistication of Cyber Threats: Disruption of the Colonial Pipeline and Biden’s Executive Order

The decision by the Organization of Arab Petroleum Exporting Countries (OPEC) in 1973 to establish an oil embargo on the US, UK, Japan and other states triggered a crisis of capitalism and security. Petrol stations went dry, the price of oil leapt from $3 a barrel to $12 and inflation rampaged through the most advanced economies. As a consequence, roads were deserted, national energy shortages were rampant, and the decade of stagnation and dissent was in full swing. The oil shocks of the 1970s carved their memory into US foreign policy for four decades afterwards, resulting in a Middle East-centric security strategy and an obsession with energy security. These past few weeks have seen the Colonial Pipeline in the US gripped by ransomware attacks, resulting in oil shortages and panic at petrol stations, harking back to the oil crisis of the 1970s. Although not as disruptive as the oil crisis of the past, it has revealed the soft underbelly of US national security. The response has been the securitization of US cyber-security: Biden’s new executive order intends to shore up critical infrastructure against future attacks and marks the ascension of cyber-security as a central pillar of national security.

 

The wave of ransomware attacks witnessed this month in the US is consistent with current patterns of cyber threats: they are getting bigger, more sophisticated and more disruptive. For instance, the Colonial Pipeline delivers 45% of the oil for the east coast and, as a result, the attack caused the closure of 50% of all petrol stations in Washington DC and 40% of all petrol stations in North Carolina, collectively closing a total of 9500 stations across the east coast. In addition, ransomware attacks disrupted solar farms in Texas, water treatment plants in Florida and the Washington police department. Furthermore, it has been reported that 26 government agencies have been victims of malicious ransomware attacks since the start of the year. This is perhaps not surprising: US infrastructure is crumbling and many of its IT systems are antiquated. However, firms also need to pursue multi-angle cyber-security strategies for data protection and to reassure investors. Returning to the Colonial Pipeline, the company has since paid out $4.4 million in bitcoin to the hackers, making DarkSide (the group who rent out the ransomware) a household name. This has elevated the status of ransomware attacks and may encourage others to carry out more assaults in the future; the saying “Veni, Vidi, Vici” (I came, I saw, I conquered) comes to mind. Consequently, the Biden administration has been quick to issue an executive order to strengthen cyber-security and, in doing so, bolster national security.

 

President Biden's executive order aims to improve software supply chains, increase the standardization of cyber-security and improve information sharing between private and public actors. Just as the oil crisis in the 1970s highlighted the importance of the Middle East in US energy security, the ransomware attacks have revealed the importance of cyber-security in a nation’s critical infrastructure. The executive order now requires companies to share information on digital attacks and removes the contractual barriers to sharing breach information. The logic is that this will increase the visibility of company software and make security data more publicly available. This is contested: it is true that companies often fail to report such incidents out of fear of embarrassment, but it will be time-intensive for companies to report every breach, and it will end in ‘alert fatigue’. Therefore, although it is important for there to be central, standardized endpoint detection processes and response systems, the government needs to strike a balance regarding the intrusiveness of such measures. Overall, a zero-trust architecture does need to be implemented in US critical infrastructure if we are to become more resilient to the types of attack witnessed in the Colonial Pipeline’s experience. However, governments should tread carefully when demanding company data in the name of national security; it could be a slippery path.

 

To sum up, ransomware attacks will become more common, sophisticated, disruptive and dangerous as we move to a hyper digitally-integrated future. Thus, it is more essential than ever for companies to pursue strategies to deter cyber threats and defend their systems against them. Additionally, governments will need to play a large role in coordinating actors in responding to and defending against such threats. However, there is a line of intrusiveness that governments should hesitate to cross, and this executive order is edging closer to that line. Just as the 1970s pivoted US security thinking to the Middle East, cyber-security will increasingly be on the minds of policymakers in the future.

 

Written by Henri Willmott,

Content Manager